smart search

Laravel 5.6 Passport authentication Rest API

Written by me@grafxflow -
14 May, 2018

Now for this tutorial I have decided to use ampps instead of mamp due to my recent liking of using ampps. It already has an option to install laravel from its built in menu but I have decided to use the terminal for parts of the tutorial.

So to start of with for this tutorial I will be using the following applications.

AMPPS is a cross platform AMP stack. It has a nice bonus of having MongoDB built in.

Install laravel and create app

Setup the staging domain in ampps

So now we will setup the domain in ammps this is where it will differ to mamp and show you some of the nice elements of using ampps. Open up the ammps application and launch the ammps browser dashboard with the home icon.

Install the Passport Package

Now you will probably get an error message saying SQLSTATE[42000]: Syntax error or access violation: 1071 Specified key was too long; so make the following changes to be safe - from my research it seems to relate to the MySQL being 5.6 instead of 5.7 which AMPPS doesn't support.

<?php
use Illuminate\Http\Request;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| is assigned the "api" middleware group. Enjoy building your API!
|
*/
/* User must login to access the json data */
Route::post('apiregister', 'ApiRegisterController@register');
Route::middleware('auth:api')->group( function () {
Route::resource('posts', 'PostController');
});

Also from my tests another file needs to be amended or else none of the api calls work so I am unsure it relates to using '' in the web routes later. But anyway open the following file and add your domain to the 'protected function mapApiRoutes()'.

Force json output (optional)

Now this next part is optional but I have included it if you plan on making laravel just for making api calls and not the front end framework. So rather than the default error html pages it will output json.

Register the user and create token/session

For making all the api calls I am using the Postman application. So startup the software and in the first tab choose 'POST' and 'http://laravel-passport-api/api/apiregister'. With this we are registering the user details for the first time.

On pressing 'Send' it should contain the json with 'success' -> 'true'.

There maybe times when pressing the login could cause errors and it maybe due to too many login attempt via laravels throttle. Just input the following.

php artisan cache:clear

Now we want to emulate the user login for setting the token/session. So create a new tab and choose 'POST' and 'http://laravel-passport-api/oauth/token'. In the 'Body' tab enter each of these separately.

Note: To find the 'client_secret' find the database and choose 'oauth_clients' table and find the 'id', 'secret' column next to the name that equals 'Laravel Password Grant Client'.

List the posts api call

So lets list all the products with an api call. So back in Postman application open a new tab and choose the method as 'GET' and 'http://laravel-passport-api/api/posts'. In the 'Headers' tab enter each of these separately, the Authorization will start something like this 'Bearer eyJ0eXAiOi...' - there is a space between.

Accept: Accept
Authorization: Bearer [access_token from the token generated in the http://laravel-passport-api/oauth/token tab]

Create a post and api call

Now to make life easier hover over the tab pressing the 'crtl' key and choose the 'duplicate' from the popup menu. This saves us having to add the token access_token details over and over again in the header tab. Now from the duped tab change the method to 'POST' and 'http://laravel-passport-api/api/posts'. Then in the body tab enter the following. The new project should be returned in the json api call.

title: Laravel 4
content: Short content for Laravel 4

Show a post and api call

Now we want to show an individual post so duplicate the tab again but from this new tab delete all the attributes on the 'Body' tag. Also change the method to 'GET' and add one of the posts id to the url so for this example 1 'http://laravel-passport-api/api/posts/1'. This again should output the following.

Next change it to a number that doesn't exist like 20 - 'http://laravel-passport-api/api/posts/20'. This should now return 'Post not found'.

Update a post and api call

Now we want to update an individual post so duplicate the tab again but from this new tab and add some 'Params'. Also change the method to 'PUT' and add one of the posts id to the url so for this example 1 'http://laravel-passport-api/api/posts/1'. This will now output the changes.

title: Laravel 1 amended
content: Amended short content for Laravel 1

Delete a post and api call

Now the final option is to delete a post. Lets duplicate the tab again and
change the method to 'DELETE' and add one of the posts id to the url so for this example 1 'http://laravel-passport-api/api/posts/1' - inputting this will automatically wipe the 'Params' values. This should output json with the message 'Post deleted successfully.'.

me@grafxflow

I am a Full-stack Developer who also started delving into the world of UX/UI Design a few years back. I blog and tweet to hopefully share a little bit of knowledge that can help others around the web. Thanks for stopping by!